JanssenProject · yurem · Jan 22, 2025 · Jan 10, 2025 · Jan 20, 2025 · Jan 20, 2025
@@ -46,25 +46,6 @@ def init_plugin(self) -> None:
     def create_widgets(self):
         self.schema = self.app.cli_object.get_schema_from_reference('Lock', '#/components/schemas/AppConfiguration')
 
-
-        self.opa_config_base_url = common_data.app.getTitledText(
-                    title=_("Base URL"),
-                    name='baseUrl',
-                    value=self.data.get('opaConfiguration', {}).get('baseUrl', ''),
-                    style=cli_style.edit_text,
-                    jans_help=_("Base URL for OPA"),
-                    widget_style=cli_style.black_bg_widget
-                )
-
-        self.opa_config_accessToken = common_data.app.getTitledText(
-                    title=_("Access Token"),
-                    name='accessToken',
-                    value=self.data.get('opaConfiguration', {}).get('accessToken', ''),
-                    style=cli_style.edit_text,
-                    jans_help=_("Access token for OPA"),
-                    widget_style=cli_style.black_bg_widget
-                )
-
         self.working_container = HSplit([
 
                 common_data.app.getTitledText(
@@ -160,16 +141,11 @@ def create_widgets(self):
                 common_data.app.getTitledText(
                     title=_("PDP Type"),
                     name='pdpType',
-                    value=self.data.get('pdpType', 'OPA'),
+                    value=self.data.get('pdpType', ''),
                     style=cli_style.edit_text,
                     widget_style=cli_style.black_bg_widget
                 ),
 
-                Frame(
-                    title=_("OPA Configuration"),
-                    body=HSplit([self.opa_config_base_url, self.opa_config_accessToken]),
-                ),
-
                 common_data.app.getTitledText(
                     title=_("Policies JSON URIs Authorization Token"),
                     name='policiesJsonUrisAuthorizationToken',
@@ -242,10 +218,6 @@ def save(self):
 
         async def lock_config_coroutine():
             lock_config = self.make_data_from_dialog(tabs={'lock_config': self.working_container})
-            lock_config['opaConfiguration'] = {
-                'baseUrl': self.opa_config_base_url.me.text,
-                'accessToken': self.opa_config_accessToken.me.text,
-            }
 
             cli_args = {'operation_id': 'put-lock-properties', 'data': lock_config}
             common_data.app.start_progressing(_("Saving Lock configuration"))

@@ -11,8 +11,6 @@
 from setup_app.utils.ldif_utils import myLdifParser, create_client_ldif
 
 Config.jans_lock_port = '8076'
-Config.jans_opa_host = 'localhost'
-Config.jans_opa_port = '8181'
 Config.lock_message_provider_type = 'DISABLED'
 Config.lock_redis_host = 'localhost'
 Config.lock_redis_port = '6379'
@@ -23,7 +21,7 @@ class JansLockInstaller(JettyInstaller):
     source_files = [
                 (os.path.join(Config.dist_jans_dir, 'jans-lock.war'), os.path.join(base.current_app.app_info['JANS_MAVEN'], 'maven/io/jans/jans-lock-server/{0}/jans-lock-server-{0}.war').format(base.current_app.app_info['jans_version'])),
                 (os.path.join(Config.dist_jans_dir, 'jans-lock-service.jar'), os.path.join(base.current_app.app_info['JANS_MAVEN'], 'maven/io/jans/jans-lock-service/{0}/jans-lock-service-{0}.jar').format(base.current_app.app_info['jans_version'])),
-                (os.path.join(Config.dist_app_dir, 'opa'), 'https://openpolicyagent.org/downloads/{}/opa_linux_amd64_static'.format(base.current_app.app_info['OPA_VERSION'])),
+
                 (os.path.join(Config.dist_jans_dir, 'lock-plugin.jar'), os.path.join(base.current_app.app_info['JANS_MAVEN'], 'maven/io/jans/jans-config-api/plugins/lock-plugin/{0}/lock-plugin-{0}-distribution.jar').format(base.current_app.app_info['jans_version'])),
                 (os.path.join(Config.dist_jans_dir, 'jans-lock-model.jar'), os.path.join(base.current_app.app_info['JANS_MAVEN'], 'maven/io/jans/jans-lock-model/{0}/jans-lock-model-{0}.jar'.format(base.current_app.app_info['jans_version']))),
                 ]
@@ -46,9 +44,6 @@ def __init__(self):
         self.static_conf_json = os.path.join(self.output_dir, 'static-conf.json')
         self.message_conf_json = os.path.join(self.output_dir, 'jans_message_conf.json')
         self.config_ldif = os.path.join(self.output_dir, 'config.ldif')
-        self.opa_dir = os.path.join(Config.opt_dir, 'opa')
-        self.opa_bin_dir = os.path.join(self.opa_dir, 'bin')
-        self.opa_log_dir = os.path.join(self.opa_dir, 'logs')
         self.base_endpoint = 'jans-lock' if Config.get('install_jans_lock_as_server') else 'jans-auth'
         self.clients_ldif_fn = os.path.join(self.output_dir, 'clients.ldif')
 
@@ -59,16 +54,11 @@ def install(self):
         else:
             self.install_as_service()
 
-        if Config.get('install_opa'):
-            self.install_opa()
-
         self.create_client()
 
         if Config.persistence_type == 'sql' and Config.rdbm_type == 'pgsql':
-            self.dbUtils.set_jans_auth_conf_dynamic({'lockMessageConfig': {'enableTokenMessages': True, 'tokenMessagesChannel': 'jans_token'}})
             Config.lock_message_provider_type = 'POSTGRES'
 
-
         self.apache_lock_config()
 
     def create_client(self):
@@ -110,7 +100,7 @@ def install_as_server(self):
         self.enable()
 
     def install_as_service(self):
-        for plugin in (self.source_files[1][0], self.source_files[4][0]):
+        for plugin in (self.source_files[1][0], self.source_files[3][0]):
             plugin_name = os.path.basename(plugin)
             self.logIt(f"Adding plugin {plugin_name} to jans-auth")
             self.copyFile(plugin, base.current_app.JansAuthInstaller.custom_lib_dir)
@@ -163,16 +153,6 @@ def apache_lock_config(self):
         self.writeFile(base.current_app.HttpdInstaller.https_jans_fn, '\n'.join(apache_config), backup=False)
 
 
-    def install_opa(self):
-        opa_fn = 'opa'
-        self.systemd_units.append(opa_fn)
-        self.createDirs(self.opa_bin_dir)
-        self.createDirs(self.opa_log_dir)
-        self.copyFile(self.source_files[2][0], self.opa_bin_dir)
-        self.run([paths.cmd_chmod, '755', os.path.join(self.opa_bin_dir, opa_fn)])
-        self.chown(self.opa_dir, Config.jetty_user, Config.jetty_group, recursive=True)
-        self.enable(opa_fn)
-
     def installed(self):
         return os.path.exists(self.jetty_service_webapps) or os.path.exists(os.path.join(base.current_app.JansAuthInstaller.custom_lib_dir, os.path.basename(self.source_files[1][0])))
 

@@ -351,10 +351,6 @@ def pompt_for_jans_lock(self):
                 if prompt == 'y':
                     Config.install_jans_lock = True
 
-            if Config.install_jans_lock:
-                prompt = self.getPrompt("  Install OPA?", self.getDefaultOption(Config.install_opa))[0].lower()
-                Config.install_opa = prompt == 'y'
-
         if Config.installed_instance and Config.install_jans_lock:
             Config.addPostSetupService.append('install_jans_lock')
 

@@ -7,7 +7,6 @@
   "clientId": "%(lock_client_id)s",
   "clientPassword": "%(lock_client_encoded_pw)s",
   "tokenUrl": "%(jans_auth_token_endpoint)s",
-  "groupScopeEnabled": true,
   "endpointGroups": {
     "audit": [
       "telemetry",
@@ -52,14 +51,11 @@
   "metricReporterKeepDataDays": 15,
   "metricReporterEnabled": true,
   "statEnabled": true,
-  "errorReasonEnabled": false,
-  "opaConfiguration": {
-    "baseUrl": "http://%(jans_opa_host)s:%(jans_opa_port)s/v1/",
-    "accessToken": ""
-  },
   "policiesJsonUris": [],
   "policiesJsonUrisAuthorizationToken": "",
   "policiesZipUris": [],
   "policiesZipUrisAuthorizationToken": "",
-  "pdpType": "OPA"
+  "messageConsumerType" : "DISABLED",
+  "policyConsumerType" : "DISABLED",
+  "errorReasonEnabled": false
 }
@@ -16,7 +16,6 @@
 
 package io.jans.lock.model.config;
 
-import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 
@@ -70,10 +69,6 @@ public class AppConfiguration implements Configuration {
     @DocProperty(description = "Jans URL of the OpenID Connect Provider's OAuth 2.0 Token Endpoint")
     @Schema(description = "Jans URL of the OpenID Connect Provider's OAuth 2.0 Token Endpoint")
     private String tokenUrl;
-
-    @DocProperty(description = "Group scope enabled")
-    @Schema(description = "Group scope enabled")
-    private boolean groupScopeEnabled;
 
     @DocProperty(description = "Endpoint groups")
     @Schema(description = "Endpoint groups")
@@ -99,10 +94,6 @@ public class AppConfiguration implements Configuration {
     @Schema(description = "The path to the external log4j2 logging configuration")
     private String externalLoggerConfiguration;
 
-    @DocProperty(description = "Channel for metric reports", defaultValue = "jans_pdp_metric")
-    @Schema(description = "Channel for metric reports")
-    private String metricChannel;
-
     @DocProperty(description = "The interval for metric reporter in seconds")
     @Schema(description = "The interval for metric reporter in seconds")
     private int metricReporterInterval;
@@ -120,13 +111,6 @@ public class AppConfiguration implements Configuration {
     @Schema(description = "Time interval for the Clean Service in seconds")
     private int cleanServiceInterval;
 
-    @Schema(description = "Opa Configuration")
-    private OpaConfiguration opaConfiguration;
-
-    @DocProperty(description = "PDP type")
-    @Schema(description = "PDP type")
-    private String pdpType;
-
     @DocProperty(description = "Authorization token to access Json Uris")
     @Schema(description = "Authorization token to access Json Uris")
     private String policiesJsonUrisAuthorizationToken;
@@ -143,6 +127,14 @@ public class AppConfiguration implements Configuration {
     @Schema(description = "List of Zip Uris with policies")
     private List<String> policiesZipUris;
 
+    @DocProperty(description = "PubSub consumer service")
+    @Schema(description = "PubSub consumer service")
+    private String messageConsumerType;
+
+    @DocProperty(description = "Policy consumer service")
+    @Schema(description = "Policy consumer service")
+    private String policyConsumerType;
+
     @DocProperty(description = "Boolean value specifying whether to return detailed reason of the error from AS. Default value is false", defaultValue = "false")
     private Boolean errorReasonEnabled = false;
 
@@ -217,14 +209,6 @@ public String getTokenUrl() {
     public void setTokenUrl(String tokenUrl) {
         this.tokenUrl = tokenUrl;
     }
-
-    public boolean isGroupScopeEnabled() {
-        return groupScopeEnabled;
-    }
-
-    public void setGroupScopeEnabled(boolean groupScopeEnabled) {
-        this.groupScopeEnabled = groupScopeEnabled;
-    }
 
     public Map<String, List<String>> getEndpointGroups() {
         return endpointGroups;
@@ -274,14 +258,6 @@ public void setExternalLoggerConfiguration(String externalLoggerConfiguration) {
         this.externalLoggerConfiguration = externalLoggerConfiguration;
     }
 
-    public String getMetricChannel() {
-        return metricChannel;
-    }
-
-    public void setMetricChannel(String metricChannel) {
-        this.metricChannel = metricChannel;
-    }
-
     public int getMetricReporterInterval() {
         return metricReporterInterval;
     }
@@ -314,22 +290,6 @@ public void setCleanServiceInterval(int cleanServiceInterval) {
         this.cleanServiceInterval = cleanServiceInterval;
     }
 
-    public OpaConfiguration getOpaConfiguration() {
-        return opaConfiguration;
-    }
-
-    public void setOpaConfiguration(OpaConfiguration opaConfiguration) {
-        this.opaConfiguration = opaConfiguration;
-    }
-
-    public String getPdpType() {
-        return pdpType;
-    }
-
-    public void setPdpType(String pdpType) {
-        this.pdpType = pdpType;
-    }
-
     public String getPoliciesJsonUrisAuthorizationToken() {
         return policiesJsonUrisAuthorizationToken;
     }
@@ -362,7 +322,25 @@ public void setPoliciesZipUris(List<String> policiesZipUris) {
         this.policiesZipUris = policiesZipUris;
     }
 
-    public Boolean getErrorReasonEnabled() {
+    public String getMessageConsumerType() {
+        if (messageConsumerType == null) messageConsumerType = "DISABLED";
+		return messageConsumerType;
+	}
+
+	public void setMessageConsumerType(String messageConsumerType) {
+		this.messageConsumerType = messageConsumerType;
+	}
+
+	public String getPolicyConsumerType() {
+        if (policyConsumerType == null) policyConsumerType = "DISABLED";
+		return policyConsumerType;
+	}
+
+	public void setPolicyConsumerType(String policyConsumerType) {
+		this.policyConsumerType = policyConsumerType;
+	}
+
+	public Boolean getErrorReasonEnabled() {
         if (errorReasonEnabled == null) errorReasonEnabled = false;
         return errorReasonEnabled;
     }
@@ -376,17 +354,16 @@ public String toString() {
 		return "AppConfiguration [baseDN=" + baseDN + ", baseEndpoint=" + baseEndpoint + ", openIdIssuer="
 				+ openIdIssuer + ", statEnabled=" + statEnabled + ", statTimerIntervalInSeconds="
 				+ statTimerIntervalInSeconds + ", tokenChannels=" + tokenChannels + ", clientId=" + clientId
-				+ ", clientPassword=" + clientPassword + ", tokenUrl=" + tokenUrl + ", groupScopeEnabled="
-				+ groupScopeEnabled + ", endpointGroups=" + endpointGroups + ", endpointDetails=" + endpointDetails
-				+ ", disableJdkLogger=" + disableJdkLogger + ", loggingLevel=" + loggingLevel + ", loggingLayout="
-				+ loggingLayout + ", externalLoggerConfiguration=" + externalLoggerConfiguration + ", metricChannel="
-				+ metricChannel + ", metricReporterInterval=" + metricReporterInterval + ", metricReporterKeepDataDays="
-				+ metricReporterKeepDataDays + ", metricReporterEnabled=" + metricReporterEnabled
-				+ ", cleanServiceInterval=" + cleanServiceInterval + ", opaConfiguration=" + opaConfiguration
-				+ ", pdpType=" + pdpType + ", policiesJsonUrisAuthorizationToken=" + policiesJsonUrisAuthorizationToken
-				+ ", policiesJsonUris=" + policiesJsonUris + ", policiesZipUrisAuthorizationToken="
-				+ policiesZipUrisAuthorizationToken + ", policiesZipUris=" + policiesZipUris + ", errorReasonEnabled="
-				+ errorReasonEnabled + "]";
+				+ ", clientPassword=" + clientPassword + ", tokenUrl=" + tokenUrl + ", endpointGroups=" + endpointGroups
+				+ ", endpointDetails=" + endpointDetails + ", disableJdkLogger=" + disableJdkLogger + ", loggingLevel="
+				+ loggingLevel + ", loggingLayout=" + loggingLayout + ", externalLoggerConfiguration="
+				+ externalLoggerConfiguration + ", metricReporterInterval=" + metricReporterInterval
+				+ ", metricReporterKeepDataDays=" + metricReporterKeepDataDays + ", metricReporterEnabled="
+				+ metricReporterEnabled + ", cleanServiceInterval=" + cleanServiceInterval
+				+ ", policiesJsonUrisAuthorizationToken=" + policiesJsonUrisAuthorizationToken + ", policiesJsonUris="
+				+ policiesJsonUris + ", policiesZipUrisAuthorizationToken=" + policiesZipUrisAuthorizationToken
+				+ ", policiesZipUris=" + policiesZipUris + ", messageConsumerType=" + messageConsumerType
+				+ ", policyConsumerType=" + policyConsumerType + ", errorReasonEnabled=" + errorReasonEnabled + "]";
 	}
 
 }